SB2020110313 - Multiple vulnerabilities in Adobe Reader and Acrobat

Description

This security bulletin contains information about 14 secuirty vulnerabilities.

1) Heap-based buffer overflow (CVE-ID: CVE-2020-24435)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing JavaScript submitForm elements in PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

2) Improper access control (CVE-ID: CVE-2020-24433)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper access restrictions. A local user can bypass implemented security restrictions and elevate privileges on the system.

3) Input validation error (CVE-ID: CVE-2020-24432)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to insufficient validation of user-supplied input when processing JavaScript inside PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it and gain access to sensitive information.

4) Improper Verification of Cryptographic Signature (CVE-ID: CVE-2020-24439)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to incorrect digital signature verification. A remote attacker can create a specially crafted PDF file, trick the victim into opening it and bypass implemented security restrictions.

5) Improper Verification of Cryptographic Signature (CVE-ID: CVE-2020-24429)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to application incorrectly handles digital signatures. A local user can elevate privileges on the system.

6) Input validation error (CVE-ID: CVE-2020-24427)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to insufficient validation of user-supplied input when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it and gain access to sensitive information.

7) Insecure DLL loading (CVE-ID: CVE-2020-24431)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to the application loads DLL libraries in an insecure manner. A remote attacker can place a specially crafted .dll file on a remote SMB fileshare, trick the victim into opening a file, associated with the vulnerable application, and execute arbitrary code on victim's system.

8) Out-of-bounds write (CVE-ID: CVE-2020-24436)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger an out-of-bounds write and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

9) Out-of-bounds read (CVE-ID: CVE-2020-24426)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to a boundary error when processing PDF files within the ID parameter. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger an out-of-bounds read and gain access to sensitive information.

10) Out-of-bounds read (CVE-ID: CVE-2020-24434)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger an out-of-bounds read and gain access to sensitive information.

11) Race condition (CVE-ID: CVE-2020-24428)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.

12) Use-after-free (CVE-ID: CVE-2020-24430)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger a use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

13) Use-after-free (CVE-ID: CVE-2020-24437)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a use-after-free error when processing JavaScript forms inside PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger a use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

14) Use-after-free (CVE-ID: CVE-2020-24438)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to a use-after-free error when processing PDF files within the "AVDocumentLocal object". A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger a use-after-free error and gain access to sensitive information.

Remediation

Install update from vendor's website.

References

• https://helpx.adobe.com/security/products/acrobat/apsb20-67.html